Towards Anonymous Neural Network Inference

• URL: http://arxiv.org/abs/2505.18398v1
• Date: Fri, 23 May 2025 22:05:20 GMT
• Title: Towards Anonymous Neural Network Inference
• Authors: Liao Peiyuan,
• Abstract summary: funion is a system providing end-to-end sender-receiver unlinkability for neural network inference.<n>Users can anonymously store input tensors in pseudorandom storage locations, commission compute services to process them via the neural network, and retrieve results with no traceable connection between input and output parties.
• Score: 0.0
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: We introduce funion, a system providing end-to-end sender-receiver unlinkability for neural network inference. By leveraging the Pigeonhole storage protocol and BACAP (blinding-and-capability) scheme from the Echomix anonymity system, funion inherits the provable security guarantees of modern mixnets. Users can anonymously store input tensors in pseudorandom storage locations, commission compute services to process them via the neural network, and retrieve results with no traceable connection between input and output parties. This store-compute-store paradigm masks both network traffic patterns and computational workload characteristics, while quantizing execution timing into public latency buckets. Our security analysis demonstrates that funion inherits the strong metadata privacy guarantees of Echomix under largely the same trust assumptions, while introducing acceptable overhead for production-scale workloads. Our work paves the way towards an accessible platform where users can submit fully anonymized inference queries to cloud services.

Related papers

• Privacy-Preserving Anonymization of System and Network Event Logs Using Salt-Based Hashing and Temporal Noise [5.85293491327449]
  Event logs contain Personally Identifiable Information (PII)<n>Overly aggressive anonymization can destroy contextual integrity, while weak techniques risk re-identification through linkage or inference attacks.<n>This paper introduces novel field-specific anonymization methods that address this trade-off.
  arXiv  Detail & Related papers  (2025-07-29T15:16:42Z)
• Secure Quantum Relay Networks Using Distributed Entanglement without Classical Authentication [0.0]
  Current quantum communication protocols rely heavily on classical authentication for message origin verification.<n>We propose a novel framework for secure quantum relay networks that completely avoids classical authentication.
  arXiv  Detail & Related papers  (2025-07-07T20:25:10Z)
• Anonymous and private parameter estimation in networks of quantum sensors [1.099532646524593]
  In quantum networks, distributed quantum sensing has emerged as a powerful use case.<n>We develop a new protocol combining the different cryptographic functionalities of anonymity and privacy for the task of distributed parameter estimation.
  arXiv  Detail & Related papers  (2025-07-01T18:02:51Z)
• PWC-MoE: Privacy-Aware Wireless Collaborative Mixture of Experts [59.5243730853157]
  Large language models (LLMs) hosted on cloud servers alleviate the computational and storage burdens on local devices but raise privacy concerns.<n>Small language models (SLMs) running locally enhance privacy but suffer from limited performance on complex tasks.<n>We propose a privacy-aware wireless collaborative mixture of experts (PWC-MoE) framework to balance computational cost, performance, and privacy protection under bandwidth constraints.
  arXiv  Detail & Related papers  (2025-05-13T16:27:07Z)
• Decentralized Reliability Estimation for Low Latency Mixnets [9.938777444906593]
  mixnets can anonymously route large amounts of data packets with end to end latency that can be as low as a second.<n>Existing verifiability mechanisms are incompatible with scalable low-latency operation.<n>We propose a scheme that can estimate reliability scores for a mixnet's links and nodes in a decentralized manner.
  arXiv  Detail & Related papers  (2024-06-10T19:38:04Z)
• Privacy Preserving Semi-Decentralized Mean Estimation over Intermittently-Connected Networks [59.43433767253956]
  We consider the problem of privately estimating the mean of vectors distributed across different nodes of an unreliable wireless network. In a semi-decentralized setup, nodes can collaborate with their neighbors to compute a local consensus, which they relay to a central server. We study the tradeoff between collaborative relaying and privacy leakage due to the data sharing among nodes.
  arXiv  Detail & Related papers  (2024-06-06T06:12:15Z)
• Secure Deep Learning-based Distributed Intelligence on Pocket-sized Drones [75.80952211739185]
  Palm-sized nano-drones are an appealing class of edge nodes, but their limited computational resources prevent running large deep-learning models onboard. Adopting an edge-fog computational paradigm, we can offload part of the computation to the fog; however, this poses security concerns if the fog node, or the communication link, can not be trusted. We propose a novel distributed edge-fog execution scheme that validates fog computation by redundantly executing a random subnetwork aboard our nano-drone.
  arXiv  Detail & Related papers  (2023-07-04T08:29:41Z)
• Eavesdropper localization for quantum and classical channels via nonlinear scattering [58.720142291102135]
  Quantum key distribution (QKD) offers theoretical security based on the laws of physics. We present a novel approach to eavesdropper location that can be employed in quantum as well as classical channels. We demonstrate that our approach outperforms conventional OTDR in the task of localizing an evanescent outcoupling of 1% with cm precision inside standard optical fibers.
  arXiv  Detail & Related papers  (2023-06-25T21:06:27Z)
• Probabilistic Verification of ReLU Neural Networks via Characteristic Functions [11.489187712465325]
  We use ideas from probability theory in the frequency domain to provide probabilistic verification guarantees for ReLU neural networks. We interpret a (deep) feedforward neural network as a discrete dynamical system over a finite horizon. We obtain the corresponding cumulative distribution function of the output set, which can be used to check if the network is performing as expected.
  arXiv  Detail & Related papers  (2022-12-03T05:53:57Z)
• Spoofing Attack Detection in the Physical Layer with Commutative Neural Networks [21.6399273864521]
  In a spoofing attack, an attacker impersonates a legitimate user to access or tamper with data intended for or produced by the legitimate user. Existing schemes rely on long-term estimates, which makes it difficult to distinguish spoofing from movement of a legitimate user. This limitation is here addressed by means of a deep neural network that implicitly learns the distribution of pairs of short-term RSS vector estimates.
  arXiv  Detail & Related papers  (2022-11-08T14:20:58Z)
• CrowdGuard: Federated Backdoor Detection in Federated Learning [39.58317527488534]
  This paper presents a novel defense mechanism, CrowdGuard, that effectively mitigates backdoor attacks in Federated Learning. CrowdGuard employs a server-located stacked clustering scheme to enhance its resilience to rogue client feedback. The evaluation results demonstrate that CrowdGuard achieves a 100% True-Positive-Rate and True-Negative-Rate across various scenarios.
  arXiv  Detail & Related papers  (2022-10-14T11:27:49Z)
• An anomaly detection approach for backdoored neural networks: face recognition as a case study [77.92020418343022]
  We propose a novel backdoored network detection method based on the principle of anomaly detection. We test our method on a novel dataset of backdoored networks and report detectability results with perfect scores.
  arXiv  Detail & Related papers  (2022-08-22T12:14:13Z)
• Open-destination measurement-device-independent quantum key distribution network [10.480419551094071]
  Quantum key distribution (QKD) networks hold promise for sharing secure randomness over multi-partities. Here, we propose an open-destination measurement-device-independent QKD network. The scheme enjoys security against untrusted relays and all detector side-channel attacks.
  arXiv  Detail & Related papers  (2020-09-28T16:05:32Z)
• CryptoSPN: Privacy-preserving Sum-Product Network Inference [84.88362774693914]
  We present a framework for privacy-preserving inference of sum-product networks (SPNs) CryptoSPN achieves highly efficient and accurate inference in the order of seconds for medium-sized SPNs.
  arXiv  Detail & Related papers  (2020-02-03T14:49:18Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.